It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 9 years ago.
I would like to create a secure container for each of my authenticated users in order to enforce the security( isolation, a user can't see anything outside its container), speed ( the size of its own database is smaller ). These containers will store all the user documents, profile, themes , ....
Does anyone know how to achieve this with asp.net mvc?
Thx
Since you are storing documents, I'm guessing your "container" is a means to securely store user-specific data permanently on disk on the server. For this task, you main choices are likely to be:
the server's file system (doesn't scale too well tho)
a relational database (such as MySQL, SQL Server or Oracle)
a non-relational database, such as RavenDB or MongoDB
You application will need to provide the means to separate user's data from other users. By using ASP.NET Forms Authentication, and HTTPS, you have a reasonably secure solution - eg. each user's data can be keyed by their username, which is as secure as any web based app with username+password authentication. I.e. to see another user's data you'd have to be able to login as that user or hijack their session, which is difficult with HTTPS.
I don't believe that separating data into silos necessarily is a good way improve performance. Do you actually have a performance problem? Premature optimization is generally a misplaced effort. Organize your data in a way that makes most sense to your application's requirements. Databases can scale up to Terabytes data, and many thousands of concurrent users. There are many techniques to improve performance for large databases, but wait until you actually have a performance problem before diving into that.
Related
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 10 years ago.
I want to make one application in C# or VB.net which allow users(Clients) to fill there daily reports using there user account and allow admin (Server) to manage theme (i.e. Add, View, Edit Reports).
I want to make that kind of application.
Vague questions get vague answers. A very basic (and slightly tongue-in-cheek) strategy:
Create a web-page for presenting an interface where the users can enter or upload their reports (maybe have a look at Asp.Net MVC?)
Create a simple back-end system (maybe a service of some kind, using for instance WCF?) to accept and store incoming reports, and retrieve and return existing reports. This should include a database of some kind for storing the reports.
Connect your web-page to the back-end system, and use the former as an interface to the latter.
Create one or several AD groups to provide authentication throughout these systems and grant users the appropriate levels of access.
Once you have got started on this and have tried something, you can ask more precise questions here, to which it will be easier to give more constructive answers.
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 10 years ago.
I'm already asked this question, but how I was told, I need to create a proggram without of using ssh clients. How do I say I need to write pure C# program using only different .dll's. And I don't know how I can do it.
If you want to implement a proper solution you want to use OpenLDAP.
You can then use C# to query the LDAP database and use that to create accounts remotely.
I don't think it can be done because you want to gain remote access to the linux system you need to use ssh to gain access to the command line to make your users. Look into ssh there are some good clients for windows that allow you this access and I am sure I found some tutorials on how to make a ssh program a while back.
So since you can't use ssh, it is time to get creative!
I'm assuming you have admin rights. Let me know if you don't.
Set up a database (MySQL) on the Ubuntu box, and create a db/table with the new users to be created. You can insert a row from C# into that table.
Set up a cron job, or some other application (in python, c++, w/e you like) that would periodically check for a new row in that table. If it finds one, extract the data, create the user based on that data, and remove the row. This would have to run as root so BE CAREFUL!
I have done something like this before and it is messy and convoluted, but it works, i guess.
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 11 years ago.
Is it possible to read cross domain cookie in C#? if possible how can i read the cookie,
the cookie set in one domain like "dev-001" and get a cookie in another domain "localhost"
i used
Request.Cookies["userInfo"].Values
it shows a null value.
Is there any possibilities.because it's our requirement. all the information are available in cookie. but I can't read it
No, that's not possible. Cookies cannot be shared cross domain. That would be a huge security flaw.
However you can allow all subdomains to have access if you set the domain to ".your_domain.com".
A weird solution would be to redirect your user to one of the domain to get the cookie content, as bit like a webservice kind of thing but I wouldn't recommend that at all!
If you really need to store data about your user across multiple platforms, why not storing in a database?
Reading cookies from another domain in not possible. While there would be serious security implications if you could, the pragmatic reason is that the browser never sends cookies from other domains when it makes a request. So the information isn't available.
From your brief description, you need to find a better way of performing the task at hand. Cookies cannot be shared across domain.
However, a third party can be introduced into the mix which allows sharing of data (albeit through a much more elaborate mechanism) though it is possible to disable third party cookies.
Cross-domain user tracking without 3rd party cookies?
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 11 years ago.
I am developing winform app that runs in two differen pc's
I want to create a replica and get the changes over the internet
How can i do that?
& how can I create replica and sync it using C#?
any ideas will be appreciated
I assume that you are talking about replicating changes in one ms-access "database" such that two instances stay in sync, As such, you'd be better off abandoning ms-access and upscaling to a single centralised database.
this sounds like a bad idea all around.
The common patterns apply;
use GUID id's,
send offline datasets,
cross fingers and look for a job that allows you to use other free tools, suited for the job http://www.microsoft.com/sqlserver/en/us/editions/express.aspx
Avoid conflict resolution (don't edit the same entities on both ends)
Edit
PS. after visiting hamsaweb.net; if you need this to be web deployable on a shared host:
How to deploy SQL CE 4 CTP to shared hosting?
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 11 years ago.
This'll be my second time doing a CMS and Inventory Management app for my client. This particular client wants it all to be online. Instead of a desktop app, like I did with my previous client. Which is fine I guess, however I'm a little concerned about the security stuff... What if it gets hacked? He basically wants to be able to manage, view, create new and edit existing orders via his website from an "Admin" type interface after he logs in as an Admin, so obviously I'm going to need Roles.
But is this common or normal practice? The website isn't an intranet, or hosted locally, it's remotely hosted.
Yes, its very normal all of my websites have admin interfaces that allow access to just about everything with the proper credentials.
A word of caution however: If you are not sure what you are doing, I'd be very careful about accepting/storing credit cards or other sensitive information(SSN's medical data etc) . Its easy to screw up, and if that stuff get hacked, you may have some serious legal problems to deal with. Consider hiring someone with the right experience to help with security.
Everything you listed is normal to a Web application, whether it's hosted locally or on an intranet, or hosted remotely.
What you need is probably already implemented in other online CMSs (see Orchard CMS), but if you want to roll your own CMS, it's very easy to use ASP.NET MVC; it also has easy integration with Forms Authentication for ASP.NET.